Weekly Intelligence Summary 07 Feb 2020

In the spotlight this week: The recent disclosure of a vulnerability in Citrix devices was quickly followed by multiple exploitations before patches were introduced, reflecting the danger of announcing a critical vulnerability without a readily available patch. Citrix’s staggered rollout of patches over the month of January enabled threat actors to take rapid advantage; they exploited the vulnerability to infiltrate Citrix systems and deliver at least three variants of ransomware. The large-scale use of Citrix systems worldwide brings high risks: of more attacks on remaining vulnerable systems, and of previously uninterested threat actors shifting their focus to capitalize on this vulnerability.

Previous Report

Weekly Intelligence Summary 14 Feb 2020

A recently discovered campaign has used the legitimate storage services of BitBucket to facilitate malware ...

Next Report

Weekly Intelligence Summary 31 Jan 2020

The “Fractured Statue” cyber-threat campaign of 2019 has highlighted the difficulties in naming perpetrator...